CVE-2012-0738
published 2012-12-28CVE-2012-0738: IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not validate X.509 certificates during scanning, which allows…
medium5.8CVSS 3.1
AVNACMAuNCPIPAN
IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not validate X.509 certificates during scanning, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary certificate.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | rational_policy_tester | <= 8.5.0.2 | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | rational_policy_tester | — | — |
| ibm | security_appscan | <= 8.6.0.1 | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |
| ibm | security_appscan | — | — |